Hello,
We are pleased to announce a Flatcar Container Linux maintenance release for our LTS-2021 channel, as well as a new major release for our Beta and Stable channel.
The Stable release now includes ARM64 support!
New Stable release 3033.2.0
Changes since Stable 2983.2.1
Security fixes
- Linux (CVE-2021-4002, CVE-2020-27820, CVE-2021-4001, CVE-2021-43975)
- Go (CVE-2021-29923, CVE-2021-39293, CVE-2021-38297,CVE-2021-39293, CVE-2021-44717, CVE-2021-44716)
- bash (CVE-2019-9924, CVE-2019-18276)
- binutils (CVE-2021-3530, CVE-2021-3549)
- ca-certificates (CVE-2021-43527)
- containerd (CVE-2021-41103)
- curl (CVE-2021-22945, CVE-2021-22946, CVE-2021-22947)
- Docker (CVE-2021-41092, CVE-2021-41089, CVE-2021-41091)
- git (CVE-2021-40330)
- glibc (CVE-2021-38604)
- gnupg (CVE-2020-25125)
- libgcrypt (CVE-2021-40528)
- nettle (CVE-2021-20305, CVE-2021-3580)
- polkit (CVE-2021-3560)
- sssd (CVE-2021-3621)
- util-linux (CVE-2021-37600)
- vim (CVE-2021-3770, CVE-2021-3778, CVE-2021-3796)
- SDK: bison (CVE-2020-14150, CVE-2020-24240)
- SDK: perl (CVE-2020-10878)
Bug fixes
- arm64: the Polkit service does not crash anymore. (flatcar-linux/Flatcar#156)
- toolbox: fixed support for multi-layered docker images (toolbox#5)
- Run emergency.target on ignition/torcx service unit failure in dracut (bootengine#28)
- Fix vim warnings on missing file, when built with USE=”minimal” (portage-stable#260)
- The Torcx profile `docker-1.12-no` got fixed to reference the current Docker version instead of 19.03 which wasn't found on the image, causing Torcx to fail to provide Docker (PR#1456)
Changes
- Added GPIO support (coreos-overlay#1236)
- Enabled SELinux in permissive mode on ARM64 (coreos-overlay#1245)
- The `iptables` command uses the nftables kernel backend instead of the iptables backend, you can also migrate to using the `nft` tool instead of `iptables`. Containers with `iptables` binaries that use the iptables backend will result in mixing both kernel backends which is supported but you have to look up the rules separately (on the host you can use the `iptables-legacy` and friends).
Updates
Changes since Beta 3033.1.1
Security fixes
Bug fixes
Updates
New Beta release 3066.1.0
Changes since Alpha 3066.0.0
Security fixes
Bug Fixes
Changes
Added a new `flatcar-update` tool to the image to ease manual updates, rollbacks, channel/release jumping, and airgapped updates (flatcar-linux/init#53)
Updates
Changes since Beta 3033.1.1
Security fixes
Changes:
Bug Fixes
Updates
New LTS release 2605.24.1
Changes since LTS 2605.23.1
Security Fixes
Updates
Best,
The Flatcar Container Linux maintainers